Sandboxie Plus 0.7

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Feb 15, 2021.

  1. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Hi,
    Sandboxie is back to running perfect. Working perfectt with all my browsers.
    And do we have to worry about Sandboxie coming to an end in the next year or so?

    Just wondering does Sandboxie protect the MBR= Master Boot Records?

    And how does leakage compare to Comodo Firewall, Shadow Defender, Shade
    Sandbox, Toolwiz Time Freeze, ect?

    Just trying to better understand different software..... So when I use combinations
    of security as a safety net......

    Kind regards,
     
  2. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    > And do we have to worry about Sandboxie coming to an end in the next year or so?
    no

    > Just wondering does Sandboxie protect the MBR= Master Boot Records?
    yes

    > And how does leakage compare to Comodo Firewall
    Comodo sandbox does not filter RPC calls in the kernel so breaking out is quite easy

    > Shadow Defender
    works differently its like a revert to snapshot/backup on every reboot sort of system

    > Shade Sandbox
    I run an msi installer inside that sandbox and it got installed to the real system, so its... useless!
     
  3. Freki123

    Freki123 Registered Member

    Joined:
    Jan 20, 2015
    Posts:
    336
    Google safebrowsing on a rampage :D (Just wanted to let you know)
    Untitled.jpg
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,868
  6. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Hmmm, I wonder why this happens: If there's an un-sandboxed instance of Edge and Firefox on the desktop already and then you open the same browser sandboxed, you get error messages in the sandboxed browser. It seems it's not unique to Edge.

    No big deal, it's more like a curiosity. This is what I get w/Firefox in the Box over top of its unsandboxed instance. Odd but I'm sure there's a reasonable explanation.

    firefoxsbieandnot.PNG
     
  7. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Maybe, I'm not reproducing your steps? v0.7.5 / 5.49.8
    1) top Google pages = Edge & Firefox not sandbox'd
    2) bottom Google pages = Firefox & Edge sandbox'd
    png_10775.png
     
    Last edited: Jun 6, 2021
  8. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,242
    No problems with Firefox and Edge Chromium using v5.49.7.
     
  9. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,793
    Location:
    .
    Changes and additions I noticed in Sandboxie.ini

    Today I realized that the ini file contains two additional lines written down below at the bottom lol
    Code:
    [UserSettings_07C40186]
    
    SbieCtrl_AutoStartAgent=SandMan.exe
    
    Looks like a new UserSettings line was added with different numbers

    "Old line" says
    Code:
    [UserSettings_054C0158]
     
  10. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @DavidXanatos

    I appreciate all your answers to the questions from post # 326.
    Again, thank you!:)
     
  11. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    FWIW ~ I have three Windows user accounts. My three [UserSettings_nnnnnnnn] with v0.7.5 ini are the same numbers as my saved v0.7.4 ini copy. (v0.7.5 over-install)

    FWIW ~ I find
    Code:
    SbieCtrl_AutoStartAgent=SandMan.exe
    with my saved v0.7.4 ini copy and my v0.7.5 ini
     
    Last edited: Jun 6, 2021
  12. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,793
    Location:
    .
    Thanks.

    I wonder if this new line/section [UserSettings_07C40186] is meant to replace old line/section [UserSettings_054C0158] and somehow the sbie 0.7.5 installer messed it up and kept both sections...
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    and you have only one Windows user account?
     
  14. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,793
    Location:
    .
    Yes I do.
     
  15. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    @bjm_ : here's a very short clip of what I'm talking about when having an unsandboxed Edge already on the desktop and then one opens another instance on top of that, this time sandboxed. It's a curiosity is all, especially since I didn't notice this behavior in prev. Sbie builds.

    https://malwaretips.com/threads/sandboxie-release-v0-7-5-5-49-8.108509/#post-945920

    This video is unlisted so if you can't open it directly, just click the link in the video itself, I guess....
     
  16. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,935
    Location:
    UK
    @plat1098
    Vivaldi as you know is my default and I cannot replicate your findings with it.

    If I have an unsandboxed Edge open and then right-click on Edge desktop icon and select run sandboxed everything works ok.
     
  17. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Hmm.... so why the second [UserSettings_nnnnnnnn] ? Yeah, head scratch?. And you never setup another user account? Do you know which [UserSettings_nnnnnnnn] is active? Maybe, edit not active [UserSettings_nnnnnnnn] from ini. IDK
     
    Last edited: Jun 6, 2021
  18. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,793
    Location:
    .
    Oh god, wait lol, I'm trying to understand. So are you telling me Sbie creates different [UserSettings_nnnnnnnn] sections for each Windows User Accounts?
    I assume you are...
    Geez didn't know that since I never had different accounts on my pcs.

    Anyway Sbie installer or new Sbie Control / Sandman.exe is messing with ini file thinking I got another Windows User Account. But I don't.
     
  19. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay. I think I saw DefaultBox in video. I run discrete box's. I do not use DefaultBox.
    as test ~ I disable Edge forced and call Edge from Edge desktop shortcut. Then, I allow Edge forced and call Edge from Edge desktop shortcut. Second Edge call (sandbox'd) opens New tab page.
    png_10776.png
     
    Last edited: Jun 6, 2021
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yep, that's my experience. I have three Windows user accounts. Sandboxie install populates to my three Windows user accounts.
    Note: my ini is from long before Sandboxie+.
    I'm using bjm now.
    png_10778.png
     
    Last edited: Jun 6, 2021
  21. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    OK, yes I see where you're coming from also, bjm_. If you don't use the Default Box, then this wouldn't be an issue. Thanks for taking a look, though, I appreciate it.

    stapp, I reset Edge last night so no settings should be messed up right now there. I also started adding various permissions to the Default Box settings and nothing made those message boxes go away. Thanks for checking, like I said it's just a curiosity.
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    @plat1098
    Okay...using DefaultBox - default settings
    1) call Edge desktop shortcut - Edge unsandbox'd
    2) call Edge desktop shortcut with Run Sandboxed - DefaultBox - Edge sandbox'd
    png_10779.png
     
    Last edited: Jun 6, 2021
  23. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    OK bjm_, so it's likely something on here....again. :rolleyes: Thanks for checking. Now when you tested this, both browser instances are on the desktop, not just one or the other, right?

    @anyone: I happened to read a really good article about Password Managers, written by Tavis Ormandy of Google's Project Zero. In a nutshell, he is against PMs in general, but if one HAS to use one, he recommends using the ones built into browsers such as Chrome, Edge and Firefox. Now, one excerpt from the article is here:

    tosandboxes.PNG

    He's talking about in-built browser isolation, but would this apply to Sandboxie as well? (the issue being that PMs can degrade the security of browser sandboxes in certain scenarios).

    Article in full is linked in his Twitter post.

    https://twitter.com/taviso/status/1401248187831099394
     
  24. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yes, both Edge sessions were active at the same time. I reduced page size to grab one screen snip showing both active Edge sessions...left page wo yellow border...right page w yellow border.
     
    Last edited: Jun 6, 2021
  25. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    A few changes and I noticed after updating to "5.49.8 classic" from "5.49.5 classic" as I compare my current to previous Sandboxie.ini, David could you explain a little what these do?

    Template=OpenBluetooth
    Template=OpenSmartCard

    Were new, I see in the changelog that "OpenBluetooth" is used for Unity games, but what exactly is "Unity" doing that requires this? I've removed this template as I don't play Unity games and don't like unnecessary global templates active if not needed.

    Same with "OpenSmartCard", whats is its purpose? What software would need this?

    Also noticed all my boxes "ConfigLevel=" changed from "ConfigLevel=8" to "ConfigLevel=9", what does 8 to 9 mean?

    And a request, please keep the Window Title "clean" of your URL, there are better places to put this sort of thing like in the "About" tab.

    This is what I'm talking about;

    https://i.imgur.com/MSDh0A4.png
    https://i.imgur.com/birUUI4.png

    Consider please.

    Other then that, this release works flawless. Good job!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.